Proposal: Offer resident accounts as OpenIDs

Here's a proposal I wrote today:

Residents should be able to use their SL accounts as OpenID identities. Allowing residents to authenticate against their Second Life accounts on third-party web sites with the OpenID protocol would benefit residents and third-party content creators alike. Creators of web services such as Snapzilla, SLboutique, and Landmarker could allow residents to sign in directly with their Second Life accounts instead of requiring separate registration and in-world authentication. Residents would be able to use fun and interesting third-party services without registering and without revealing their Second Life passwords.

For example, if Landmarker provided OpenID support, Alice Example might enter her name in a "Sign in with your SL name" field and be directed to secondlife.com/openid/ . There she would sign into secondlife.com (if she hadn't already signed in) and confirm she would like to sign into Landmarker. Then, using the OpenID protocol, secondlife.com would confirm to Landmarker that Alice is who she says she is (eg secondlife.com/users/Alice_Example ) and Landmarker would treat Alice as a regular user of the service. This is the standard way OpenID servers work.

Documentation for OpenID is available at http://www.openid.net/ .

I observed the guidelines I posted about here, and some that I plan to write about in the future. I checked for previous proposals for my feature and wrote a good title. I made sure my feature is not something we already have by a different name, and that it's not something I can do myself. I also made my case, suggested a possible design without presupposing a solution, and checked my spelling. I won't post it to the vote system until I have a discussion URL for it.

Comments

I'd been contemplating an alternative solution to the question of multiple logins for a single sl identity at various sites. This proposal would solve such problems without the need for a service in the middle.

I like what you're doing here with this blog. Even though you don't seem to be inworld much, it's good to see that you're still involved and interested in SL stuff! Keep up the good work. We definitely need more of this type of content.

I commented on this already with you in IRC, and on the discussion thread about some unique-to-SL capability that could be beneficial.

Although, I have thought about this, would it not be possible to create a resident-run openID server? One group could handle the verification of who you are in-world and then provide authentication to others. Adoption could be driven by other third party sites referencing the community server.

Of course this would really only be good in the event that it is declined as feasible by Linden. I cannot see that happening, but it is always wise to think ahead.